Help Center/ Data Encryption Workshop/ API Reference/ APIs/ Secret Management APIs/ Event Management/ Creating an Event

Updated on 2024-08-06 GMT+08:00

View PDF

Creating an Event

Function

Creates an event that can be configured on one or more secret objects. When an event is enabled and the basic event type contained in the event is triggered on the secret object, the cloud service sends the corresponding event notification to the notification topic specified by the event.

Constraints

The created event notification cannot be used independently and needs to be configured on a specific secret object. The service does not check the validity of the notification object in the event notification. If the notification object does not exist under the user account, the event notification fails when the event is triggered.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/csms/events

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
name	Yes	String	Name of the event notification to be created. Constraints: The value contains 1 to 64 characters and matches the regular expression ^[a-zA-Z0-9_-]{1,64}$.
event_types	Yes	Array of strings	Basic event list of the event notification. The basic event types are as follows: SECRET_VERSION_CREATED: version creation SECRET_VERSION_EXPIRED: The version has expired. SECRET_ROTATED: secret rotation SECRET_DELETED: secret deletion The basic event types contained in the list must be unique.
state	Yes	String	Indicates whether an event takes effect. Basic event types can be triggered only when the event is enabled. Enabled Disabled
notification	Yes	Notification object	Notification topic object.

**Table 4** Notification
Parameter	Mandatory	Type	Description
target_type	Yes	String	Type of the object to which an event notification is sent.
target_id	Yes	String	ID of the object to which the event notification is sent.
target_name	Yes	String	Name of the object to which the event notification is sent.

Response Parameters

Status code: 200

**Table 5** Response body parameters
Parameter	Type	Description
event	Event object	Event notification object

**Table 6** Event
Parameter	Type	Description
name	String	Event notification name.
event_id	String	Indicates the resource identifier of the event notification.
event_types	Array of strings	Set the basic event type list of the event. Constraint: The array can contain up to 12 elements.
state	String	Event notification status. The options are as follows: ENABLED DISABLED
create_time	Long	Time when an event notification is created. The value is a timestamp, that is, the total number of seconds from January 1, 1970 to the time specified by this parameter.
update_time	Long	Last update time of the event notification. The value is a timestamp, that is, the total number of seconds from January 1, 1970 to the time.
notification	Notification object	Notification topic object.

**Table 7** Notification
Parameter	Type	Description
target_type	String	Type of the object to which an event notification is sent.
target_id	String	ID of the object to which the event notification is sent.
target_name	String	Name of the object to which the event notification is sent.

Status code: 400

**Table 8** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 9** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 401

**Table 10** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 11** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 403

**Table 12** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 13** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 404

**Table 14** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 15** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 500

**Table 16** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 17** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 502

**Table 18** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 19** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Status code: 504

**Table 20** Response body parameters
Parameter	Type	Description
error	ErrorDetail object	Error message.

**Table 21** ErrorDetail
Parameter	Type	Description
error_code	String	Error code returned for an error request.
error_msg	String	Error information returned for an error request.

Example Requests

Create an event.

{
  "name" : "demo-event",
  "event_types" : [ "SECRET_VERSION_CREATED", "SECRET_VERSION_EXPIRED" ],
  "state" : "ENABLED",
  "notification" : {
    "target_type" : "SMN",
    "target_id" : "urn:smn:cn-north-4:dc3b7c85759141a991da17423c0f2068:test-poc",
    "target_name" : "demo-smn-name"
  }
}

Example Responses

Status code: 200

Request succeeded.

{
  "event" : {
    "name" : "event-test",
    "event_id" : "bb6a3d22-dc93-47ac-b5bd-88df7ad35f1e",
    "state" : "ENABLED",
    "event_types" : [ "SECRET_VERSION_CREATED", "SECRET_VERSION_EXPIRED" ],
    "create_time" : 1581507580000,
    "update_time" : 1581507580000,
    "notification" : {
      "target_type" : "SMN",
      "target_id" : "urn:smn:cn-north-4:SecertExpirationTest",
      "target_name" : "SecertExpirationNotificationTest"
    }
  }
}

SDK Sample Code

The SDK sample code is as follows.

Create an event.

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.csms.v1.region.CsmsRegion;
import com.huaweicloud.sdk.csms.v1.*;
import com.huaweicloud.sdk.csms.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreateSecretEventSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        CsmsClient client = CsmsClient.newBuilder()
                .withCredential(auth)
                .withRegion(CsmsRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateSecretEventRequest request = new CreateSecretEventRequest();
        CreateSecretEventRequestBody body = new CreateSecretEventRequestBody();
        Notification notificationbody = new Notification();
        notificationbody.withTargetType("SMN")
            .withTargetId("urn:smn:cn-north-4:dc3b7c85759141a991da17423c0f2068:test-poc")
            .withTargetName("demo-smn-name");
        List<String> listbodyEventTypes = new ArrayList<>();
        listbodyEventTypes.add("SECRET_VERSION_CREATED");
        listbodyEventTypes.add("SECRET_VERSION_EXPIRED");
        body.withNotification(notificationbody);
        body.withState(CreateSecretEventRequestBody.StateEnum.fromValue("ENABLED"));
        body.withEventTypes(listbodyEventTypes);
        body.withName("demo-event");
        request.withBody(body);
        try {
            CreateSecretEventResponse response = client.createSecretEvent(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

Create an event.

      
       
         
         
           # coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcsms.v1.region.csms_region import CsmsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcsms.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = CsmsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CsmsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateSecretEventRequest()
        notificationbody = Notification(
            target_type="SMN",
            target_id="urn:smn:cn-north-4:dc3b7c85759141a991da17423c0f2068:test-poc",
            target_name="demo-smn-name"
        )
        listEventTypesbody = [
            "SECRET_VERSION_CREATED",
            "SECRET_VERSION_EXPIRED"
        ]
        request.body = CreateSecretEventRequestBody(
            notification=notificationbody,
            state="ENABLED",
            event_types=listEventTypesbody,
            name="demo-event"
        )
        response = client.create_secret_event(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

Create an event.

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    csms "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/csms/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/csms/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/csms/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := csms.NewCsmsClient(
        csms.CsmsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateSecretEventRequest{}
	notificationbody := &model.Notification{
		TargetType: "SMN",
		TargetId: "urn:smn:cn-north-4:dc3b7c85759141a991da17423c0f2068:test-poc",
		TargetName: "demo-smn-name",
	}
	var listEventTypesbody = []string{
        "SECRET_VERSION_CREATED",
	    "SECRET_VERSION_EXPIRED",
    }
	request.Body = &model.CreateSecretEventRequestBody{
		Notification: notificationbody,
		State: model.GetCreateSecretEventRequestBodyStateEnum().ENABLED,
		EventTypes: listEventTypesbody,
		Name: "demo-event",
	}
	response, err := client.CreateSecretEvent(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code	Description
200	Request succeeded.
400	Invalid request parameter.
401	A username and password are required.
403	Authentication failed.
404	The requested resource does not exist or is not found.
500	Internal service error.
502	Failed to complete the request because the server receives an invalid response from an upstream server.
504	Gateway timed out.